Lucene search
+L

304 matches found

RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.3 views

kernel: net: sched: fix memory leak in tcindex_set_parms

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 size 256: comm "syz-executor105", pid 3600,...

5.5CVSS6.6AI score0.00159EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.5 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.9 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00565EPSS
Exploits0References8
OSV
OSV
added 2023/10/26 7:57 a.m.8 views

CLSA-2023-1698307021 Fix of 7 CVEs

CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU...

7.8CVSS6.8AI score0.00454EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/10/10 4:28 p.m.2 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/10/10 3:27 p.m.6 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/10/10 2:16 p.m.6 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
OSV
OSV
added 2023/09/26 8:23 a.m.11 views

CLSA-2023-1695716575 kernel: Fix of 25 CVEs

xen/xenbus: don't let xenbusgrantring remove grants in error case CVE-2022-23040 - xen/xenbus: Fix granting of vmalloc'd memory - xen/blkfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23036 - xen/grant-table: add gnttabtryendforeignaccess CVE-2022-23036 - xen/blkfront: don't...

7.8CVSS7AI score0.05496EPSS
Exploits14References1
OSV
OSV
added 2023/09/06 2:15 p.m.2 views

UBUNTU-CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.7AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2023/09/06 2:15 p.m.1 views

UBUNTU-CVE-2023-4208

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. When u32change is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References5
OSV
OSV
added 2023/09/06 2:15 p.m.2 views

UBUNTU-CVE-2023-4623

A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e. with the HFSCFSC flag set has a parent without a link-sharing curve, then initvf will call...

7.8CVSS6.7AI score0.0029EPSS
Exploits0References24
OSV
OSV
added 2023/09/04 11:35 a.m.15 views

CLSA-2023-1693827322 Fix of 9 CVEs

Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...

6.7CVSS6.8AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2023/08/30 9:54 p.m.8 views

CLSA-2023-1693432495 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: clsu32: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsfw: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsroute: No longer copy tcfresult on update to avoid use- after-free...

7.8CVSS7.1AI score0.05794EPSS
Exploits3References1
Microsoft CVE
Microsoft CVE
added 2023/08/01 7:0 a.m.4 views

Use-after-free in Linux kernel's net/sched: cls_fw component

...

7.8CVSS6.8AI score0.00517EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: net: sched: fix memory leak in tcindex_set_parms

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 size 256: comm "syz-executor105", pid 3600,...

5.5CVSS6.6AI score0.00159EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2023/01/24 8:0 a.m.1 views

In the Linux kernel before 6.1.6 a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.

...

5.5CVSS7.1AI score0.00964EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/10/25 10:35 a.m.6 views

kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem...

7.8CVSS6.6AI score0.05871EPSS
Exploits7References5
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2022:2285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.2AI score0.0021EPSS
Exploits1References4
OSV
OSV
added 2022/04/23 4:6 a.m.6 views

SUSE-SU-2022:1318-1 Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9580 fixes several issues. The following security issues were fixed: - CVE-2022-1016: Fixed a vulnerability in the nftables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from a...

7.8CVSS7.2AI score0.01169EPSS
Exploits12References7
RedHat Linux
RedHat Linux
added 2020/11/04 1:14 a.m.13 views

kernel: use-after-free in route4_change() in net/sched/cls_route.c

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...

7.8CVSS6.8AI score0.00353EPSS
Exploits2References5
Rows per page
Query Builder